|
250781
|
7.5 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_uaa
cloud_foundry
cloud_foundry_uaa_bosh
|
An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. There is a potential to subject the UAA OAuth…
|
NVD-CWE-noinfo
|
CVE-2017-4960
|
2024-11-21 12:26 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250782
|
7.5 |
HIGH
Network
|
cisco
|
netflow_generation_appliance_software
|
A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker…
|
CWE-20
Improper Input Validation
|
CVE-2017-3826
|
2024-11-21 12:26 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250783
|
5.4 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3847
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250784
|
4.3 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. …
|
CWE-20
Improper Input Validation
|
CVE-2017-3844
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250785
|
4.3 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Informati…
|
CWE-20
Improper Input Validation
|
CVE-2017-3843
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250786
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a u…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3845
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250787
|
5.3 |
MEDIUM
Network
|
cisco
|
intrusion_prevention_system_device_manager
|
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information store…
|
CWE-200
Information Exposure
|
CVE-2017-3842
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250788
|
7.5 |
HIGH
Network
|
cisco
|
secure_access_control_system
|
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. K…
|
CWE-200
Information Exposure
|
CVE-2017-3841
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250789
|
6.1 |
MEDIUM
Network
|
cisco
|
secure_access_control_system
|
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect V…
|
CWE-601
Open Redirect
|
CVE-2017-3840
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250790
|
4.3 |
MEDIUM
Network
|
cisco
|
secure_access_control_system
|
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the…
|
CWE-611
XXE
|
CVE-2017-3839
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
